VMware Builds SDN Ecosystem; Where's Cisco?

VMware needs hardware vendors to support its approach to virtualized networking, but Cisco doesn't appear to be among the 20 partners already on board.

VMware Vs. Microsoft: 8 Cloud Battle Lines

(click image for larger view and for slideshow)

As VMware plunges into the software-defined networking (SDN) market with NSX, one thing is of crucial importance: Some other companies making networking products must follow its lead.

NSX is not a line of switches or routers, but a software set meant to delineate a new way of provisioning networks as virtual subnets on the existing physical network. NSX allows the network to be divided into logical segments, and each virtual server gets assigned an individual network at the moment of its creation. For such a thing to happen, the control plane of the network, the central command post that gives each subnet its marching orders, needs to sit on top of and manage the physical resources -- switches, routers, controllers.

VMware can create an abstract platform that does all this, but it won't work if network device manufacturers don't support it. Switches, routers, controllers and, for that matter, firewalls and load balancers must be built to support its specifications.

One barometer of its success is Cisco, which has always been a major VMware partner, and whether it's on board. Another way of gauging support is to see how many of Cisco's competitors are participating. So far, VMware is assured of support from Cisco competitors -- Juniper, HP, Dell and Citrix -- but not Cisco itself. HP, for example supports NSX with its Virtual Application Networks SDN Controller, even though HP's own product line adopts the OpenFlow protocol as the basis for virtual networking.

Cisco, on the other hand, offers its own approach to converged infrastructure for virtualized systems with programmable networking. It's Cisco Open Network Environment Platform Kit (OnePK). At the Cisco Liveevent in Orlando in June, Cisco unveiled its own data center networking, based on its Insieme Networks purchase.

Previously, Cisco executives have even referred disparagingly to VMware's "software-defined data center," as "a marketing term," not a technology reality.

NSX, for example, is option number two in the joint venture Virtual Computing Environment (VCE) that produces racks of servers and switches optimized for virtualization, using VMware virtualization, Cisco servers and networking, and EMC storage. VCE uses Cisco's OnePK approach to software-defined networking. NSX will be a second option, not the default choice, according to a VCE spokesman at VMworld.

VMware supplies the server virtualization for the integrated racks of servers and switches that VCE ships, but Insieme "marries the virtual network services to the physical net," said VCE CTO Trey Layton in an interview.

In some ways, VMware's push into the networking field matches Cisco's 2009 push into server production, when its server partners would have preferred it stay out. It raised hackles inside HP, IBM and Dell, which felt part of Cisco's success had come from their support. As Cisco succeeded in server sales, they became stronger networking vendors, retracting some of that support. In IDC Q2 server sales figuresannounced Tuesday, Cisco was up 42.6% to $537 million, compared to $376 million last year. HP was off 17.5% to $3.07 billion from $3.72 billion in 2012. It also retains a dominating presence in sales of physical network devices.

By venturing into virtual networking, VMware will gain the option of controlling the provisioning of the network through its virtualization management system, vSphere 5.5, and expand its reach in managing the virtualized data center. Martin Casado, VMware's chief architect of networking, has said NSX puts the intelligence needed to create virtual networks into the hypervisor, which can respond with orders to change the network if the demands on the virtual machine change. VMware has already produced the virtual switch and distributed switch in the hypervisor and was working on VXLAN virtual tunneling as NSX was conceived.

NSX can work with hypervisors in addition to VMware's, including Microsoft's Hyper-V and Red Hat's KVM, the default hypervisor of the OpenStack cloud. It can also be used to manage networks for bare metal servers.

Security vendors TrendMicro, Fortinet and McAfee, now part of Intel, will also support NSX APIs in their network security products. Citrix, a competitor in provisioning virtual desktops, has announced its NetScaler product for scaling up end user provisioning will be integrated with NSX operations. In all, VMware lists 20 partners willing to support NSX at an early stage of its existence.

NSX is still in beta and won't be generally available until the fourth quarter.

To be clear, VCE offers Cisco's OnePK and Unified Fabric on its converged infrastructure Vlolock racks. It's the default offering, as stated. But VCE doesn't offer NSX as "a second choice." It's available if the customer chooses to buy NSX from VMware and installs it. Then the Vblock will work with it through support of NSX APIs. Likewise for vCloud Networking and Security, a second VMware product in this area. VCE supports Vblock virtualization up to and including VMware's server hypervisor. It does not provide technical support for networking virtualization via VMware NSX or vCNS. CTO Trey Layton wished to be clear on the point. VCE is a joint venture of EMC and Cisco, with "investment" by VMware and Intel..

Given the market penetration of both VMware and Cisco, I'm guessing they have a lot of customer overlap. Cisco won't like it, but those customers are going to demand tighter integration as they start to play around with NSX. Cisco may be able to stall some of them while it gets Insieme up and running (whatever Insieme happens to be), but I think customer pressure will be too great for Cisco to just pretend NSX never happened.

In a nutshell, Cisco believes it has to approach network virtualization from the network administrator's and network management console perspective, while VMware is looking at it as another component of the virtualized server. Under NSX, more intelligence on the nature of each VM's network is placed in the host server's hypervisor, as opposed to out on the network command post. Network Computing's Greg Ferro describes it here.http://www.informationweek.com....

Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.